Tag: vulnerability

Did Facebook know about “View As” bug before 2018 breach?
access tokens, data breach

Did Facebook know about “View As” bug before 2018 breach?

Even though Facebook protected employees, it failed to fix the vulnerability or to protect most users, a court filing charges. . Did Facebook know about ... Read More

Multiple HTTP/2 DoS flaws found by Netflix
CVEs, Denial of Service

Multiple HTTP/2 DoS flaws found by Netflix

Netflix has identified several denial of service (DoS) flaws in HTTP/2, a popular network protocol that underpins large parts of the web. Exploiting them could ... Read More

61 impacted versions of Apache Struts left off security advisories
Apache Struts, BDSR

61 impacted versions of Apache Struts left off security advisories

Researchers found that 24 security advisories inaccurately listed affected versions for the open-source development framework. . 61 impacted versions of Apache Struts left off security ... Read More

Local - Privilege Escalation Exploits, Local Exploit

Webmin 1.920 – Remote Code Execution

- Exploit Details #!/bin/sh # # CVE-2019-15107 Webmin Unauhenticated Remote Command Execution # based on Metasploit module //www.exploit-db.com/exploits/47230 # Original advisory: //pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html # Alternative advisory ... Read More

YouPHPTube 7.2 – ‘userCreate.json.php’ SQL Injection
remote code execution

YouPHPTube 7.2 – ‘userCreate.json.php’ SQL Injection

- Exploit Details # Exploit Title: YouPHPTube < 7.3 SQL Injection # Google Dork: / # Date: 19.08.2019 # Exploit Author: Fabian Mosch, r-tec IT ... Read More

Anatomy of a Cyber-Attack
cybersecurity, information-security

Anatomy of a Cyber-Attack

<img alt="Image by Image by Gordon Johnson from PixabayIt is often said that you must ‘know your enemy’ in order to succeed, but for many ... Read More

Steam Security Saga Continues with Vulnerability Fix Bypass
Security Update

Steam Security Saga Continues with Vulnerability Fix Bypass

A bypass for a recent Steam vulnerability that could allow malware or a local attacker to gain admin privileges has been disclosed on Twitter. This new ... Read More

iPhone holes and Android malware – how to keep your phone safe
Android malware, Apple

iPhone holes and Android malware – how to keep your phone safe

Watch the latest Naked Security Live video for our non-technical tips to improve your online safety, whichever type of phone you prefer. . iPhone holes ... Read More

Local - Privilege Escalation Exploits, Local Exploit

Web Wiz Forums 12.01 – ‘PF’ SQL Injection

- Exploit Details # Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection # Date: 2019-09-16 # Exploit Author: n1x_ # Vendor Homepage: //www.webwiz.net/web-wiz-forums/forum-downloads.htm ... Read More